You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Dan Mahoney, System Admin" <da...@prime.gushi.org> on 2004/12/15 17:08:34 UTC
Re: [sa-list] A change in tact
On Wed, 15 Dec 2004, Rakesh wrote:
I think for the four or five large free website providers, a hook could be
added to spamassassin -r that reports them specifically (although spamcop
already does this, they'll only be advised of the actual site if you're
using a full-blown spamcop account, not the anon thing).
-Dan
> Hii
>
> I am using Spamassassin with URI, Razor and DCC checks to catch spams.
> After implementing URI checks my life had became easier. But ever since
> the SURBLs and URI checks became popular means of trapping spams the
> spammers have devised a ne way to send their mails in.
>
> Recently some of the spams had started slipping in through my setup and
> as every spam that appeared in my boss's inbox my pant was on fire.
>
> I found that earlier the urls in these spam mails were pointed to the ad
> servers or the spammer's website to request images or links. But in
> these mails that slipped in the links were of geocities.com or tripod or
> other free webhosting service providers.
>
> Earlier I thought tht these links might be forged and actually might be
> pointing to some other spammers website, but these links actually point
> to geocities and on visiting the link u get HTML redirection to the
> spammers site.
>
> As sample of such spam is as follows
>
> If you can make a woman laugh you can do anything with her.
> http://www.geocities.com/brenda_paul_100/
>
>
>
> So the question is how do we tackle this scenario. Either we blacklist
> free hosting sites like geocities.com in SURBL and get false positives,
> or we make a humble request to these free webhosting companies to stop
> new registrations and crack down on the ids and hope that the webhosting
> company will really do this or we find out an intermediate way, which i
> was trying to think of but couldn't make my grey cells work on it. So I
> am making my last resort. Asking the experts to help me out.
>
> So how do we tackle this ?
>
> regards
> Rakesh
>
--
"If you aren't going to try something, then we might as well just be
friends."
"We can't have that now, can we?"
-SK & Dan Mahoney, December 9, 1998
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
Re: [sa-list] A change in tact
Posted by Rakesh <ra...@netcore.co.in>.
Dan Mahoney, System Admin wrote:
> On Wed, 15 Dec 2004, Rakesh wrote:
>
> I think for the four or five large free website providers, a hook
> could be added to spamassassin -r that reports them specifically
> (although spamcop already does this, they'll only be advised of the
> actual site if you're using a full-blown spamcop account, not the anon
> thing).
>
Sounds interesting to me, what others have to say ? can we build up a
reporting mechanism for the big providers.
>> Hii
>>
>> I am using Spamassassin with URI, Razor and DCC checks to catch spams.
>> After implementing URI checks my life had became easier. But ever since
>> the SURBLs and URI checks became popular means of trapping spams the
>> spammers have devised a ne way to send their mails in.
>